CLSA-2023:1688676098

[CLSA-2023:1688676098] java-1.8.0-openjdk: Fix of 7 CVEs

Type:

security

Severity:

Important

Release date:

2023-07-06

Description:

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. That fixes following CVEs:
- CVE-2023-21930: Improper connection handling during TLS handshake (8294474)
- CVE-2023-21937: Missing string checks for NULL characters (8296622)
- CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder (8295304)
- CVE-2023-21939: Swing HTML parsing issue (8296832)
- CVE-2023-21954: Incorrect enqueue of references in garbage collector (8298191)
- CVE-2023-21967: Certificate validation issue in TLS session negotiation (8298310)
- CVE-2023-21968: Missing check for slash characters in URI-to-path conversion (8298667)
- Update tzdata requirement to 2023c to match JDK-8305113
- Include JDK-8271199 fix from the upcoming jdk8u382 in advance

Updated packages:

java-1.8.0-openjdk-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:6a5e6ed403928cf940fd5b82c7fddca548549e70
java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:1cc11f97e467343315843f32ff36d8f66122d31a
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:e7a2c1f254a57e2ad71c690dace1f352e98fc1f1
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:ba25214b3abb48b1d111e7a532179b228d73bcdc
java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:312e758b40389db2250493caa6cca2bf6f09ec38
java-1.8.0-openjdk-demo-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:e0adeed08db5fb14dd18cc66efd37a8beb1e8eab
java-1.8.0-openjdk-demo-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:d05d2ca494ea252006c8a09b284ac88219829e13
java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:0139763c86c8d5fb277772bcd8fe9a07a961741f
java-1.8.0-openjdk-devel-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:f482c866775a780982f70c8b2ff7e019c244c67c
java-1.8.0-openjdk-devel-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:dd69b05daf24875698a3918175c41406e89a7441
java-1.8.0-openjdk-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:a515749a436faec74e3f3c06d78ca03bcdf3712b
java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:5605ddc7848db770b9c939d9196b53c99880f03d
java-1.8.0-openjdk-headless-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:91ba416ed72b212c0553eb297ed156616762bec3
java-1.8.0-openjdk-headless-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:62be70ee2731d36bad9da7ba42a98e4480230406
java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.el8.tuxcare.els1.noarch.rpm
sha:b4f187fd4c8b1ee77fb3783cd9cafee28838c0bd
java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.el8.tuxcare.els1.noarch.rpm
sha:2663de414d3a0fd3c033827ca2c46d2565f2d6c2
java-1.8.0-openjdk-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:782bab1ccd02e07c4ad4801f0e0e464f0de7b1a4
java-1.8.0-openjdk-src-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:07c890aee6deb250d2fec93c78143158daa69ae9
java-1.8.0-openjdk-src-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:6e92d9914082ea367d3b4e379dd9fcc7c8bf4f5d
java-1.8.0-openjdk-src-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:1ae67187d61583c05b616f4e5fef9612318bea19

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.